According to Symantec’s latest Internet Security Threat Report, the estimated projection of global spam volumes in 2012 was 30 billion spam emails per day. Spammers are improving the quality and targeting of their spam messages in an effort to bypass filters and trick victims into revealing personal information, passwords, credit card details, and bank credentials. Ironically, even web pages meant for the guidance and protection of customers were mimicked by phishers with the intent of tricking people into handing over personal information. The latest theme being used by spammers is Mother’s Day.

Symantec has observed an increase in spam messages around Mother’s Day. These messages encourage users to take advantage of product offers, fake surveys, e-cards, personalized gifts, and replica watches, as well as clearance sales of cars and trucks. By clicking the URL in the email, the user is automatically redirected to a website containing bogus offers. This is where the user is asked a few questions related to Mother’s Day. Upon completion of the survey, the page redirects again and asks users to enter their personal information in order to receive the gifts they selected.

Symantec discovered that upon visiting an adversary site, a vulnerable victim would have been redirected to download a back door as the payload. Symantec products detect the exploit code on the vulnerable site as Trojan.Malscript and the back door as Backdoor.Darkmoon.

McAfee today announced the execution of a definitive agreement to initiate a conditional tender offer for the acquisition of Stonesoft Oyj, a leading innovator in next-generation network firewall products, for an aggregate equity value of approximately $389 million in cash.

Network security is a vital component of a comprehensive security solution. Next-generation firewalls solve critical customer needs and represent one of the fastest growing market segments in network security.

Stonesoft is a leading innovator in the next-generation firewall segment. Gartner positioned the company as “visionary” in the 2013 Network Security Firewall Magic Quadrant. Stonesoft achieved “Recommend” status in NSS Labs’ latest 2013 firewall tests.

With Stonesoft, McAfee expects to grow its network security business by delivering the industry’s most complete network security solution with three leading platforms: McAfee’s IPS Network Security Platform, McAfee’s Firewall Enterprise for the high assurance market segment, and Stonesoft’s next-generation firewall.

Reuters, May 2, 2013 - Samsung, BlackBerry devices cleared for use on U.S. defense networks

Reuters reported that the Pentagon on Thursday cleared BlackBerry and Samsung mobile devices for use on Defense Department networks, a step toward opening up the military to a wide variety of technology equipment makers while still ensuring communications security.

The move is meant to prevent vendor lock-in.

To ensure security, mobile devices and operating systems go through a security review process approved by the Defense Information Systems Agency. Once their Security Technical Implementation Guide - or STIG - is reviewed and approved, the devices can be used on the network.

Win32/Rootkit.Avatar is C&C-powered. In March 2013, two different compilations of the dropper were detected.

It only works on 32-bit systems.

Win32/Rootkit.Avatar uses a driver infection technique twice: first in the dropper, to bypass detection by HIPS, and second in the rootkit driver, to survive a system reboot.

In computer security, a dropper complements a payload. A dropper is a program (malware component) that has been designed to "install" some sort of malware (virus, backdoor, etc.) on a target system.

The payload is the code that performs the malicious activity.

In this case, the dropper is designed so that the malicious code is eventually loaded by a modified system driver, thereby bypassing security software.

After successfully loading the Avatar rootkit driver, Avatar executes an algorithm for infecting system drivers so as to survive a reboot. To perform the infection, Avatar randomly chooses a driver and checks its name against a blacklist that varies with each Windows version.

After that, the Win32/Rootkit.Avatar payload is loaded.

The payload's core function is to facilitate communications. One of its abilities is to receive encrypted messages and instructions from Yahoo Groups. Once this process is complete, the goal is achieved.

Win32/Rootkit.Avatar is an interesting rootkit family using many interesting techniques for bypassing detection by security software.

To clean it, it is first necessary to deactivate the Avatar rootkit driver and user-mode payload; only then is it possible to clean or restore the infected system driver.
